#readwise # Nmap OS Detection  ## Metadata - Author: [[nmap.org]] - Full Title: Nmap OS Detection - URL: https://nmap.org/book/man-os-detection.html ## Summary Nmap can detect the operating system of a remote host by sending packets and analyzing the responses. It compares the results to a database of over 2,600 known OS fingerprints. If Nmap can't identify the OS, it provides a way to submit the fingerprint for future reference. OS detection also helps gather additional information, like the target's uptime and TCP connection challenges. ## Highlights One of Nmap's best-known features is remote OS detection using TCP/IP stack fingerprinting. Nmap sends a series of TCP and UDP packets to the remote host and examines practically every bit in the responses. After performing dozens of tests such as TCP ISN sampling, TCP options support and ordering, IP ID sampling, and the initial window size check, Nmap compares the results to its `nmap-os-db` database of more than 2,600 known OS fingerprints and prints out the OS details if there is a match. Each fingerprint includes a freeform textual description of the OS, and a classification which provides the vendor name (e.g. Sun), underlying OS (e.g. Solaris), OS generation (e.g. 10), and device type (general purpose, router, switch, game console, etc). ([View Highlight](https://read.readwise.io/read/01jpdd8yaxzk0y789jd039twa7)) ^okhjyb --- `-O` (Enable OS detection) Enables OS detection, as discussed above. ([View Highlight](https://read.readwise.io/read/01jpdd9t279zx2w1a269rxskw4)) ---